1. Chapter 5 SNMP Management
Network Administration
CNET-443
Chapter 5 SNMP Management

2. Outline SNMPV3 key features SNMPV3 documentation architecture
SNMPV3 architecture
Elements of an entity
Names
Abstract service interfaces
SNMPV3 applications
Command generator
Command responder
Notification originator
Notification receiver
Proxy forwarder
SNMPV3 management information base
Security
Security threats
Security model
Message format

3. SNMP V3 Features Modularization of Architecture and Documentation
Continued usage of legacy SNMP entities
Application services and primitives
Formulizes messages in use in earlier versions
Improved Security
Continued and formulized Access Policy

4. SNMPV3 Documentation Architecture
SNMP document architecture addresses how existing documents and new documents could be designed to be autonomous and at the same time be integrated to describe different SNMP frameworks.
Represented as follows:

5. SNMPV3 Architecture
SNMP network management consists of several nodes, each with an SNMP entity.
Interact with each other to monitor and manage the network and resources.
Architecture of an SNMP entity is defined as the elements of an entity the names associated with them.
Three kinds of naming:
Naming of entities
Naming of identities
Naming of management information

6. SNMPV3 Architecture: Elements of an Entity

7. Names
Naming of entities, identities and management information is part of SNMPv3 specifications
Two names are associated with identities: Principal and securityName
Principal is the who requesting services. It could be a person or an application.
The securityName is a human readable string representing a principal.
The principal could be a single user.
The principal can be given a security name administratively.

8. Abstract Services Interfaces
Subsystems in an SNMP entity communicate across an interface.
Abstract services interface is generic and independent of specific implementation.
See Figure:

9. SNMPV3 Applications
SNMPv3 formally defines five types of applications.
Not same as the functional model that the OSI model addresses.
May be considered as application service elements.
They are:
Command Generator
Command Responder
Notification Originator
Notification Receiver
Proxy Forwarder

10. Command Generator
Used to generate get-request, get-next-request, get-bulk and set-request messages.
Processes the response received for the command sent.
Command generator application is associated with the network manager process.
Command Generator Application:

11. Command Responder Processes the get and set requests destined for it.
Received the legitimate non-authoritative remote entity.
Performs the appropriate action of get or set on the network element.
Prepares a get response message.
Sends it to the remote entity that made the request.
As shown in Figure:

12. Notification Originator
Generates either a trap or an inform message.
Function is somewhat similar to command responder.
Except it needs to find out where to send the message
Also what SNMP version and security parameters to use.
The target that the notification should be sent is obtained from the target group.

13. Notification Receiver
Receives SNMP notification messages.
Registers with the SNMP engine to receive these messages.
Same as the command responder does to receive get and set messages.

14. Proxy Forwarder Performs a function similar to proxy server.
The term proxy is used to refer to a proxy forwarder application that forwards SNMP requests, notifications and responses.
Proxy forwarder handles four types of messages:
Messages generated by command generator
Command responder
Notification Generator
Report indicator

15. SNMPV3 MIB
Sikandar Bhai

16. SNMPV3 MIB

17. Security One of the main objectives in developing SNMPv3.
Following aspects have been discussed in SNMPv3 specifications:
Authentication
Privacy of information
Authorization
Access Controls

18. Security Threats Four types of threats: Modification of information
Masquerade
Message stream modification
Disclosure
As shown in following figure:

19. Security Model

20. Message Format

21. Thanks